package com.rentong.basic;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class CustomRealm extends AuthorizingRealm {

//    @Resource
//    private BizTenantService bizTenantService;

    // 设置realm的名称
    @Override
    public void setName(String name) {
        super.setName("customRealm");
    }

    /**
     * @Description: 登录信息和用户验证信息验证
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {

//        UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
//        BizTenant userInfo = bizTenantService.logins(token.getUsername(), EncryptHelper.encryptPassword(String.valueOf(token.getPassword())));
//        if (userInfo == null) {
//            throw new AuthenticationException("用户不存在或密码错误");
//        } else if (BackConstant.BIZ_STATE_0 != userInfo.getBizState()) {
//            throw new AuthenticationException("用户已禁用");
//        }
//        return new SimpleAuthenticationInfo(userInfo, token.getPassword(), getName());
        return null;
    }

    /**
     * @Description: 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用,负责在应用程序中决定用户的访问控制的方法
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection pc) {
        return null;
    }

}
